Abstract: The present disclosure relates to a system, method, and computer program for restoring extracted data to a cloud-based application. The system extracts a copy of data associated with a cloud-based application. The system provides a user interface that enables a user to enter a restoration flow for restoring the extracted data to the cloud-based application, where the restoration flow includes one or more routines for execution. The system receives a restoration flow comprising a pre-restoration routine and a restoration routine, where the pre-restoration routine specifies one or more data transformations to render the extracted data compatible with a restoration to the cloud-based application. The system executes the pre-restoration routine to transform the extracted data to be compatible with a restoration to the cloud-based application. The system executes the restoration routine to restore the transformed data to the cloud-based application.

Abstract: The present invention extracts entity data from a plurality of related data objects from an external multi-tenant SaaS environment. The system extracts metadata related to an entity's data records and uses the metadata to identify a data schema associated with the entity's data. The system provides an interface for enabling a user to create an extraction tree that includes the data objects in the data schema from which data will be extracted. Enabling a user to create an extraction tree includes enabling a user to add a root node to the extraction tree, add any parent and child nodes of the root node in the data schema to a next level of the extraction tree, and add multiple additional levels of the extraction tree. The system creates an extraction plan based on the extraction tree and extracts data from the multi-tenant SaaS environment based on the extraction plan.

Abstract: The present invention is directed to managing sensitive local data for a global application in compliance with local data residency requirements. In a first location having data residency requirements, the system receives a write request for a record, determines that the record includes both sensitive and non-sensitive data, stores the sensitive data in a local storage device, creates masked data corresponding to the sensitive data, creates a modified record that includes the masked data, the local storage ID of the sensitive data, and the non-sensitive data, and sends the modified record to a global application for storage in a second location. In the second location, the system receives the write request for the modified record at an enforcement module on the global application, determines whether the modified record complies with the data residency requirements of the first location and, if so, sends the modified record to a global storage device.

Abstract: The present disclosure relates to a system, method, and computer program for extracting large customer data volumes at high speed from an external multi-tenant SaaS environment. The system identifies a plurality of customer data objects to be extracted from the multi-tenant SaaS environment. The system creates an extraction plan for extracting the identified data objects, which includes identifying characteristics of each data object to be extracted, creating a plurality of extraction groups, determining an extraction frequency and extraction mode, determining a scope of data extraction, assigning an API to each extraction group, identifying extraction parameters, determining a degree of parallelism, and creating an extraction plan. The system displays the extraction plan in a user interface and enables a user to edit the extraction plan.

Abstract: A system for securely handling and storing customer data without enabling human access to the data receives and processes the customer data for storage where the customer data is granularly encrypting without storing a key for decryption. The granularly-encrypted customer data is transmitted over a secure network to a cloud-based data storage system that has no access to the key for decryption. The system receives a request from the customer to transmit the customer data to an external destination. The system retrieves the granularly-encrypted customer data from the cloud-based data storage system over a secure network and receives the key for decryption from the customer. The system decrypts the granularly-encrypted customer data using the key and discards the key. The system processes the customer data for transmission and transmits the customer data to the external destination over a secure network.

Abstract: The present disclosure relates to a system, method, and computer program for providing an ultra-high availability cloud emulator of an entity's data in a multi-tenant SaaS environment that is not controlled by the entity. The system extracts metadata related to the entity's data and user interface in the multi-tenant SaaS environment. The metadata is used to identify and extract data records for an entity from the multi-tenant SaaS environment, as well as to ascertain functional aspects of the entity user interface in the multi-tenant SaaS environment. A cloud emulator of the entity's data records and user interface in the multi-tenant SaaS environment is created using the extracted data records and metadata, where the cloud emulator is outside the multi-tenant SaaS environment. The entity is able to access the cloud emulator at the entity's discretion as a failover for the entity's data records in the multi-tenant SaaS environment and to modify the entity's data records in the cloud emulator.

Abstract: The present disclosure relates to a system, method, and computer program for providing an ultra-high availability cloud emulator of an entity's data in a multi-tenant SaaS environment that is not controlled by the entity. The system extracts metadata related to the entity's data and user interface in the multi-tenant SaaS environment. The metadata is used to identify and extract data records for an entity from the multi-tenant SaaS environment, as well as to ascertain functional aspects of the entity user interface in the multi-tenant SaaS environment. A cloud emulator of the entity's data records and user interface in the multi-tenant SaaS environment is created using the extracted data records and metadata, where the cloud emulator is outside the multi-tenant SaaS environment. The entity is able to access the cloud emulator at the entity's discretion as a failover for the entity's data records in the multi-tenant SaaS environment and to modify the entity's data records in the cloud emulator.